Senior Incident Response Manager (DFIR)

The Team

The InfoSec team is led by our CISO and comprises four pillars: Information Security Officers, Offensive Security, Defensive Engineering and Security Operations.

The Security Operations team is newly formed and empowered to deliver our detection and response capability for threat management, to continually protect our customers, platform and business.

The Role

As a Senior Incident Response Manager (DFIR) at Form3, you will work alongside the wider InfoSec team to protect, detect and respond to security threats.

You'll apply your deep technical knowledge and ability to think critically to investigate and understand the full extent of security incidents and threats. As a senior position, when you're not investigating security incidents, you'll leverage your knowledge and real-world experience to work with other teams and help drive innovation across our detection and response capabilities.

Responsibilities

  • Own, implement and maintain processes, procedures and guidelines for incident response, including coordination with other teams to ensure the efficient and effective resolution of security incidents.

  • Perform host, network, and cloud-based forensic analysis to understand the full extent of security incidents and take appropriate response actions to contain, eradicate, and recover.

  • Oversee security investigations and manage them through to resolution, including postmortem reviews, and track required follow-up actions.

  • Build forensic analysis capabilities, including processes and tooling, and provide support.

  • Support SecOps Engineers through triage and initial investigation phases.

  • Lead intelligence-based threat hunts to uncover anomalous events in our environment representative of the security threats most relevant to us.

  • Use your observations from security incidents, threat hunts, and relevant security threats to contribute to our security use cases or highlight opportunities for improvement.

  • Develop and maintain a relationship with the service delivery incident management team.

  • Plan, coordinate and conduct regular incident response training and tabletop exercises for the InfoSec team.

  • Establish a purple team process, coordinating blue and red team cooperative activities.

  • Provide reporting and metrics to management on the status of security incidents and response efforts.

What we’re looking for

Essential

  • 5+ years of hands-on experience in security incident response.

  • Knowledge across multiple security domains (e.g., cloud, data centres, applications, microservices, containers, network, corporate IT).

  • Strong knowledge of incident response methodologies and best practices, and familiarity with cybersecurity frameworks (e.g. NIST 800-61).

  • Experience with a broad range of security technologies such as EDR, SIEM and SOAR.

  • Experience with forensic analysis tools and techniques.

  • Ability to think critically and lead technical investigations.

  • Ability to handle high pressure situations in a calm, productive, and professional manner.

  • Ability to communicate and collaborate with diverse teams across a wide scope of disciplines.

Desirable

  • Forensic analysis experience of Kubernetes, macOS, and Unix.

  • Security certification(s), such as GIAC GCIH, GIAC GCFR, E|CIH or CIHE.

  • Experience in a technical SOC/DFIR discipline.

BENEFITS 
  • 30 days holidays plus public holidays
  • 100% remote work
  • Flexible working arrangements
  • Statutory benefits
  • Health & wellness allowance
  • Remote working equipment allowance
  • Primary caregiver leave
  • Learning days, Udemy and educational reimbursement etc.
  • Mental Health support via Spill
  • Perlego subscription
  • Full details available on our careers page

Form3 appreciates that we all lead different and often really busy lives. We work remotely 100% of the time and many of us work part time. If you’re interested in hearing what different flexible working arrangements may be available, we’d love to chat.

HIRING LOCATIONS

We are able to accept applications from the following countries: Belgium, Czech Republic, France, Germany, Greece, Hungary, Netherlands, Spain, Poland, Portugal, Romania & United Kingdom.

ABOUT US

We are an award-winning cloud-native payment technology provider for financially regulated institutions. Launched in 2016, we've doubled in size year on year as we continue to redefine what a truly instant payment experience means.

We celebrate diversity, promote entrepreneurialism and are committed to giving everyone a say in shaping our business. Here you will grow as a person and accomplish incredible things. A career at Form3 is empowering, inspiring and fun. Join us and help shape the future of payments.

EQUAL OPPORTUNITIES

At Form3 we embrace equal opportunity and are committed to building a diverse team of exceptional individuals. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, or disability status and it is our strong belief that the more inclusive we are as a business, the better our work will be.

OUR DEI&B COMMITMENT 

We hire talented people from a variety of backgrounds and experiences and are committed to a work environment based on diversity, open-mindedness and curiosity. We’re united by our company values (we even created them together!) and we celebrate our unique differences. 

Our employee lifecycle processes are designed to embrace equal opportunity and prevent discrimination against our people regardless of personal characteristics. It is our strong belief that the more inclusive and belonging we are as a business, the better our work will be. 

As an inclusive employer, we guarantee to interview all neurodiverse and physically disabled applicants who meet the minimum criteria for this role. We also encourage candidates to notify us of any reasonable adjustments that may be required during the recruitment process. This includes providing job adverts in alternative, accessible formats or adjustments required at interview stage. 

If you consider yourself to be neurodiverse or physically disabled under the UN definition of disability and would like to be considered under this scheme and/or require any reasonable adjustments please let us know by sending an email to [email protected] clearly stating your consent for us to process this data.

For more information please refer to our Recruitment Data Policy. 
